Sentinel: traceroute to source IP does not work on 5.1

  • 3269284
  • 02-Nov-2006
  • 26-Apr-2012

Environment

Microsoft Windows Server 2003 Standard Edition
Microsoft Windows 2000 Server
RedHat Linux
Solaris 9
Sentinel 5.1.x

Situation

Why doesn't the traceroute and ping work?
Right clicking an event and doing a traceroute to source IP does not work

Resolution

There is a "sticky bit" problem on Solaris relating to the execution of the "ping" and "traceroute" commands. Look at the permissions on "ping" and "traceroute" in the /usr/sbin directory, the sticky bit is set on these two applications and for some reason, this prevents the execution listener from executing them. (All other applications/commands work fine).

Workaround: For the ping and traceroute commands, write a shell script that wraps the commands, such as:
ping_script.csh:
/usr/sbin/ping %1

And then configure the menu item to run the script instead of the command, such as:
/u01/esecurity5.0FB7B/sentinel/exec/ping_script.csh

This seems to get around the sticky bit problem. Only a couple of commands (such as ping and traceroute) seem to have this sticky bit problem. It has nothing to do with the das executor itself.